[v2,2/7] x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755]
Checks
Context |
Check |
Description |
dj/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
Commit Message
Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to
__wcscmp_evex. For x86_64 this covers the entire address range so any
length larger could not possibly be used to bound `s1` or `s2`.
test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass.
Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
---
sysdeps/x86_64/multiarch/strcmp-evex.S | 10 ++++++++++
1 file changed, 10 insertions(+)
Comments
On Sun, Jan 9, 2022 at 4:28 PM Noah Goldstein via Libc-alpha
<libc-alpha@sourceware.org> wrote:
>
> Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to
> __wcscmp_evex. For x86_64 this covers the entire address range so any
> length larger could not possibly be used to bound `s1` or `s2`.
>
> test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass.
>
> Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
> ---
> sysdeps/x86_64/multiarch/strcmp-evex.S | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/sysdeps/x86_64/multiarch/strcmp-evex.S b/sysdeps/x86_64/multiarch/strcmp-evex.S
> index 1d971f3889..0cd939d5af 100644
> --- a/sysdeps/x86_64/multiarch/strcmp-evex.S
> +++ b/sysdeps/x86_64/multiarch/strcmp-evex.S
> @@ -104,6 +104,16 @@ ENTRY (STRCMP)
> je L(char0)
> jb L(zero)
> # ifdef USE_AS_WCSCMP
> +# ifndef __ILP32__
> + movq %rdx, %rcx
> + /* Check if length could overflow when multiplied by
> + sizeof(wchar_t). Checking top 8 bits will cover all potential
> + overflow cases as well as redirect cases where its impossible to
> + length to bound a valid memory region. In these cases just use
> + 'wcscmp'. */
> + shrq $56, %rcx
> + jnz __wcscmp_evex
> +# endif
> /* Convert units: from wide to byte char. */
> shl $2, %RDX_LP
> # endif
> --
> 2.25.1
>
LGTM.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
Thanks.
@@ -104,6 +104,16 @@ ENTRY (STRCMP)
je L(char0)
jb L(zero)
# ifdef USE_AS_WCSCMP
+# ifndef __ILP32__
+ movq %rdx, %rcx
+ /* Check if length could overflow when multiplied by
+ sizeof(wchar_t). Checking top 8 bits will cover all potential
+ overflow cases as well as redirect cases where its impossible to
+ length to bound a valid memory region. In these cases just use
+ 'wcscmp'. */
+ shrq $56, %rcx
+ jnz __wcscmp_evex
+# endif
/* Convert units: from wide to byte char. */
shl $2, %RDX_LP
# endif